Scan my project
SonarLint, a core component of the Sonar solution, is a developer's first line of defense to find and fix coding issues in real-time. The results of a SonarLint scan provide rich contextual guidance to help you improve your skills while enhancing productivity to help you resolve issues in code.
SonarLint scans your project to provide instant feedback against hundreds of language-specific rules. When running in Connected Mode with SonarQube or SonarCloud, you can benefit from additional rules that identify security vulnerabilities and security hotspots as well as take advantage of team features that help your organization work towards a Clean Code state.
Every organization has custom policies and procedures; the SonarLint analyzer offers a level of customization to help you achieve those practices.
SonarLint for VS Code will automatically analyze all open files. Scanning a full project, including unopened files, is only available in the search for Security hotspots; please see the documentation on reporting hotspots in the whole folder for the full details.
SonarLint for VS Code will only analyze open files when a file is opened or saved. It is not possible to manually trigger an analysis.
When running in Connected Mode, SonarLint will sync with the SonarQube or SonarCloud Quality Profile to download issues and suppress those marked as safe or won’t fix on the server. The analyzer properties and rules will be respected and SonarLint will use locally what is defined on the server.
Please see the specific requirements for supported compilers and language standards described on the Running an analysis page.
Jupyter Notebooks in VS Code
SonarLint for VS Code v3.16+ supports analysis of Python code inside Jupyter notebooks. When opening an
.ipynb file, SonarLint analyzes the Python code and Python cells inside your Jupyter Notebooks.
There is nothing special to do to run a SonarLint analysis; simply open a Jupyter Notebook file. As with any Jupyter Notebook, you must set up your VS Code environment to run a project. The usual Quick Fix and issue investigation options you are accustomed to are available.
IPython Notebooks is a new rules category in the SonarLint explorer. Go to SONARLINT RULES > IPython Notebooks in the SonarLint view container to enable/disable rules, just as you would any rule for other languages.
The following rules have been disabled by default for Jupyter documents because they tend to be noisy in the notebook environment:
Connected Mode will be ignored when working with Jupyter Notebooks. You will only have local analysis; this is because analysis of Jupyter Notebooks is not yet supported by SonarQube or SonarCloud.
All Magic commands are ignored by SonarLint (for example,
%matplotlib inline and
%%timeit). When a line magic command is found, that line will be ignored. Similarly, when a cell magic command is found, the entire cell will be ignored. The next image below shows a normal Jupyter cell; the second image illustrates the same cell with a cell magic command. Note how SonarLint ignores issues in the cell with the magic command.
It is possible to specify extra analyzer properties that will be used for analysis.
© 2015-2023, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space is licensed under the GNU Lesser General Public License, Version 3.0. SONARLINT is a trademark of SonarSource SA. All other trademarks and copyrights are the property of their respective owners. See SonarSource.com for everything you need to know about the Sonar Solution.